42a0a822771df35af6e565f3d815d500_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42a0a822771df35af6e565f3d815d500_JaffaCakes118
Size

760KB
MD5

42a0a822771df35af6e565f3d815d500
SHA1

0b1dcb1572e23fd74a745eecd2a4454a45602169
SHA256

42c40268a9dffd6965fc94cfa0a357fc6778a413cb52b34e24f9da534b01b456
SHA512

691aa9b9cb2bf3b2566bfc44061284b37c2cc593e3632f2c9d449ddd440e1e833c7e500ec6ecad7210bf12b310d35d104cf081b518c9fef3fc3ac950d04b616b
SSDEEP

12288:ZsnuJ+fQiFSgyE5SU/jobhr8CkMKqJx75/gzwmT1xlQya6XQzwNcqgUk1cZ:ZsnuBuSgBBchr8jq75/JmRxlQyEz1q3d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42a0a822771df35af6e565f3d815d500_JaffaCakes118

Files

42a0a822771df35af6e565f3d815d500_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5742eac6e0b5cd2b6b92dfa44c20b518

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
lstrcpynA
CloseHandle
FindFirstFileA
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
WideCharToMultiByte
GetCommandLineW
SetFileTime
LockResource
GetCurrentProcessId
GetEnvironmentStrings
FileTimeToLocalFileTime
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
UnmapViewOfFile
SetStdHandle
GetLastError
InterlockedIncrement
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateFileW
GetTimeZoneInformation
GlobalLock
RemoveDirectoryA
FindNextFileA
CreateFileMappingA
CompareStringA
GetCurrentThreadId
FindNextFileW
CreateProcessA
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
GetFullPathNameA
SetErrorMode
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
LCMapStringW
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
GetVersionExW
LoadLibraryW
GetModuleHandleW
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
GetVersion
SetEndOfFile
WriteConsoleA
TerminateProcess
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
GetLocalTime
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetModuleFileNameA
GetVersionExA
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableA
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
FreeLibrary
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA
GetCPInfo
lstrcmpiA
GetTempPathA
FreeEnvironmentStringsW
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindFirstFileW
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
RtlUnwind
SizeofResource
TlsGetValue
IsValidCodePage
HeapCreate
WriteFile
Sleep
VirtualFree
FindResourceA
VirtualAlloc
DeleteFileW
SetHandleCount
GetOEMCP

gdi32

DeleteObject
DeleteDC
SetTextColor
CreateCompatibleDC
CreateSolidBrush
BitBlt

advapi32

RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegCloseKey

user32

SendMessageA
InvalidateRect
GetFocus
IsWindowVisible
SystemParametersInfoA
GetSysColor
MessageBoxA
SetDlgItemTextA
EndDialog
GetDesktopWindow
TrackPopupMenu
LoadIconA
LoadCursorA
ScreenToClient
GetDlgItem
SetWindowTextA
SetWindowLongA
ReleaseCapture
PostMessageA
GetWindowRect
GetSystemMetrics
KillTimer
SetFocus
BeginPaint
DrawTextA
DispatchMessageA
CreateWindowExA
RegisterClassA
LoadStringA
GetWindow
EnableWindow
ShowWindow
DefWindowProcA
UpdateWindow
GetParent
GetMessageA
DestroyWindow
ClientToScreen
GetClientRect
TranslateMessage
ReleaseDC
GetCursorPos
GetDC
PeekMessageA
IsWindow
SetWindowPos
PostQuitMessage
MoveWindow
SetForegroundWindow
CallWindowProcA
MapWindowPoints
SetCursor

oleaut32

VariantClear
VariantInit

Sections

.text
Size: 640KB - Virtual size: 639KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5742eac6e0b5cd2b6b92dfa44c20b518

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

user32

oleaut32

Sections

.text Size: 640KB - Virtual size: 639KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 32KB - Virtual size: 33KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 640KB - Virtual size: 639KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 32KB - Virtual size: 33KB

.rsrc
Size: 4KB - Virtual size: 2KB